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1.  Introduction 


The  NETGEAR  ProSAFE  M43001  series  10-GbE  network  switch  is  a  fully 
managed  switch.  As  such,  it  has  lots  of  options  that  may  seem  complicated  at  first. 
Once  the  user  learns  the  terminology  and  thought  process  behind  the  options,  such 
a  switch  has  a  very  powerful  user  interface  for  fine  tuning  control  of  data  sent  over 
the  network  to  improve  throughput  of  transfers. 

This  report  provides  a  short  overview  and  quick  tutorial  on  how  to  set  up  some 
simple  but  important  settings  on  the  switch  and  lays  a  foundation  for  understanding 
how  to  proceed  in  order  to  achieve  maximum  bandwidth  and  throughput  of  the 
switch. 

2.  Startup 

To  start  up  the  switch,  plug  it  into  any  120-V  wall  outlet.  The  power  light  will  turn 
solid  yellow  and  then  green  after  a  minute  or  2.  If  the  light  starts  blinking  yellow, 
the  switch  is  not  working  properly.  Once  the  light  turns  green,  the  switch  is  ready 
to  use. 

3.  Connecting  to  the  Switch 

Next,  plug  in  a  connector,  RJ45  or  SFP+. 

Windows  will  sometimes  show  an  IP  address  without  a  gateway.  This  is  not  the  IP 
address  of  the  machine.  Wait  until  it  has  a  gateway,  the  IP  address  will  probably 
change  as  well,  and  then  that  is  the  IP  address  of  the  machine.  Linux  does  not  do 
this.  In  either  case,  the  computer  should  have  its  final  IP  address  within  a  minute. 
In  our  case,  it  was  in  the  192.168.40.0/24  subnet. 

4.  Connecting  to  the  Management  Interface 

The  out-of-band  (OOB)  management  port  on  the  front  of  the  system  is  guaranteed 
to  work  in  case  the  other  ports  are  not  dynamically  assigning  IP  addresses. 

For  our  management  interface,  the  username  is  “radar”  and  the  password  is 
“ARLpasswordl2”  for  all  of  these  methods.  Figure  1  shows  the  NETGEAR  login. 
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NETGEAR 

M4300-8X8F  ProSAFE  8-port  10GBASE-T  and  8-port  10G  SFP+ 


Login _ © 

Username*  | 

Password 


Login 


Fig.  1  NETGEAR  login 

The  following  are  various  connection  options: 

1)  To  connect  to  the  NETGEAR  ProSAFE  switch  through  a  Dynamic  Host 
Configuration  Protocol  (DHCP)  port,  open  a  web  browser  and  navigate  to 
192.168.40.1. 

2)  To  connect  to  the  switch  through  any  of  the  16  main  ports: 

a)  Open  up  a  web  browser  and  navigate  to  1 92. 1 68.40. 1 . 

b)  Alternatively,  set  a  network  adapter  to  a  static  IP  of  1 69.254. 1 00.20 1 . 

c)  Open  a  web  browser  and  navigate  to  169.254.100.100. 

3)  To  connect  to  the  NETGEAR  ProSAFE  switch  through  the  OOB  port 
through  a  wire  Ethernet  connection: 

a)  Set  the  network  adapter  for  a  static  IPv4  address  of  1 69.254. 1 0 1 .20 1 . 

b)  Open  up  a  web  browser  and  navigate  to  1 69.254. 1 0 1 . 1 00. 

4)  To  connect  to  the  NETGEAR  ProSAFE  switch  through  the  console  Ethernet 
port,  one  could  use  a  secure  shell  client,  connecting  to  192.168.40.1.  We  do 
not  suggest  this  method. 

5)  To  connect  to  the  NETGEAR  ProSAFE  switch  through  the  console  USB 
port,  one  needs  drivers  on  the  computer: 

a)  The  switch  comes  with  a  disk,  but  disks  can  also  be  found  online  on 
NETGEAR’ S  website.2 

b)  The  switch  also  comes  with  a  USB  cable,  a  generic  USB  Type-A  to 
Mini  USB  Type-B. 
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c)  The  switch  also  comes  with  a  USB-to-serial  connector  for  console 
output. 

5.  Saving  a  Configuration 

The  user  can  change  settings  and  apply  them  without  worry,  but  unless  the  user 
saves  the  configuration  through  the  Maintenance  tab  all  the  changes  will  be  gone 
once  it  is  powered  off  (Fig.  2).  This  is  a  blessing  and  a  curse.  Power  cycles  every 
time  one  makes  a  change,  which  can  mess  up  the  system.  Save  the  configuration 
every  time  a  successful  change  has  been  made  to  the  configuration. 


1  System  1  Switching 

Routing 

QoS 

Security  1  Monitoring 

Maintenance 

Help 

Index  1 

Reset  Upload 

Download 

File  Management 

Troubleshooting 

Save  Configuration 


Saving  all  applied  changes  will  cause  all  changes  to 
configuration  panels  that  were  applied,  but  not  saved, 
'Auto  Install  Configuration  to  be  saved,  thus  retaining  their  new  values  across  a 
system  reboot. 


Fig.  2  Maintenance  tab 

6.  Adding/Deleting  Users 

Use  the  following  path  to  added  or  delete  users: 

Security— ^-Management  Security— >Local  User— >User  Management 

The  default  administrator  is  “admin”  without  any  password.  The  secondary  account 
(in  this  case)  is  radar  /  ARLpasswordl2  for  a  more  general  audience.  There  is  also 
a  “guest”  user  without  a  password  with  read-only  access. 

This  is  where  one  can  add/delete  users.  One  cannot  delete  the  account  one  has 
logged  in  with.  We  encourage  using  a  password. 

Under  Security— ^Management  Security— >Login  Sessions,  one  can  keep  track  of 
who  is  logged  in  and  from  where. 

7.  Setting  Up  a  DHCP  Virtual  Local  Area  Network  (VLAN) 

This  process  takes  some  time  and  understanding  to  master,  because  creating  a  new 
VLAN  does  not  create  the  virtual  interface  to  actually  use  that  new  VLAN. 

It  is  worth  explaining  here  that  a  DHCP  server  creates  a  local  area  network  that  will 
dynamically  assign  IP  addresses  to  computers  attached  to  the  ports  associated  with 
that  VLAN.  Any  devices  not  DHCP-capable,  like  software-designed  radios,  must 
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be  assigned  a  static  IPv4  address  on  the  same  subnet  as  the  DHCP  pool.  In  our  case, 
that  is  192.168.40.0/24. 


7.1  Setting  Up  a  New  VLAN 

Use  the  following  path  to  set  up  a  new  VLAN: 

Switching— >- VLAN— »Basic— ► VLAN  Configuration 
The  procedures  for  setting  up  the  new  VLAN  (Fig.  3)  are  as  follows: 

1)  Type  the  number  of  the  new  VLAN,  any  unused  number  between  2  and 
4092. 

2)  The  name  field  is  optional. 

3)  Then  click  Add. 


VLAN  Configuration 


□ 

VLAN  ID 

VLAN  Name 

VLAN  Type 

Make  Static 

400 

test| 

Disable  v 

□ 

1 

default 

Default 

Disable 

□ 

200 

VLAN 0200 

Static 

Disable 

VLAN  Configuration 


□  1  default  Default  Disable 

□  200  VLAN  02  00  Static  Disable 

□  400  test  Static  Disable 


Fig.  3  Setting  up  a  new  VLAN 


7.2  Add  an  Interface  to  the  VLAN 

Use  the  following  path  to  add  an  interface  to  the  VLAN: 

Routing— ►  VLAN— >  VLAN  Routing  Configuration 
The  procedures  for  adding  an  interface  to  the  VLAN  (Fig.  4)  are  as  follows: 
1)  Select  the  new  VLAN  ID  from  the  drop-down  menu. 
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2)  Assign  an  unused  IP  address  with  the  last  triplet  as  1 . 

Remember  this  when  creating  the  DHCP  Pool,  as  it  will  use  the  same 
address. 


3)  Assign  the  subnet  mask  255.255.255.0. 

4)  Then  click  Add. 

VLAN  Routing  Configuration 


□ 

VLAN  ID 

Port 

MAC  Address 

IP  Address 

Subnet  Mask 

400  v 

192  1 :  ii  1  1 

255  255  2 55  d| 

□ 

i 

0/4/1 

08:BD:43:71:58:4C 

169.254.100.100 

255.255.255  0 

□ 

200 

0/4/2 

OS  BD  43:71:58  4C 

192.168.40.1 

255  255  2550 

VLAN  Routing  Configuration 


□  1  0/4/1  08:BD:43:71:58:4C  169.254.100.100  255.255.255.0 

□  200  0/4/2  08:BD:43:71:58:4C  192.168.40.1  255.255.255.0 

□  400  0/4/3  08:BDi43:71:58:4C  192.168.1.1  255.255.255.0 


Fig.  4  Adding  an  interface 

7.3  Untag  All  Ports 

Use  the  following  path  to  untag  all  of  the  ports: 

Switching— ►VLAN —>  Advanced— ► VLAN  Membership 
The  procedures  for  untagging  all  of  the  ports  (Fig.  5)  are  as  follows: 

1)  Select  the  VLAN  from  the  drop-down  menu. 

2)  In  the  Group  Operation  drop-down  menu,  select  Tag  All,  then  Untag  All. 

3)  Then  click  Apply. 

With  only  one  network  switch  box,  do  not  tag  anything.  With  a  second  network  box, 
one  might  have  to  read  up  on  tagging.* 1 2  3 
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VLAN  Membership 


VAN  Membership 


VAN  ID 

400  v- 

VAN  ID 

400  21I 

Group  Operation 

Untag  All 

Group  Operation 

IffliiMlj  - 

VAN  Name 

[test  | 

VAN  Name 

VAN  Type 

VAN  Type 

^  Unit  1 

Ports  1  3  5  7  9  11  13  15 


■  AG 
AG  i 


2  4  6  8  10  12  14  16  18  20  22  24  26 


M  Unit  1 


Ports 

1 

3 

5 

7 

9 

11 

13 

15 

i 

i 

a 

a 

i 

i 

O 

a 

i 

I 

I 

I 

i 

V9 

I 

I 

2  4  6  8  10  12  14  16 


■  AG 

AG  1  3  5  7  9  11  13  15  17  19  21  23  25 


a 

a 

I 

I 

a 

a 

I 

a 

a 

m 

a 

a 

a 

I 

1 

I 

D 

I 

1 

I 

D 

i 

1 

I 

I 

u 

2  4  6  8  10  12  14  16  18  20  22  24  26 


Fig.  5  Untagging  all  ports 

7.4  Assign  Ports  to  Use  VLAN 

Use  the  following  path  to  assign  ports  to  the  VLAN: 

S witching— ► VLAN— Advanced— ►Port  PVID  Configuration 

One  needs  ports  that  will  connect  to  the  new  VLAN  and  automatically  get  an  IP 
address  in  that  VLAN,  so  one  must  assign  ports  to  use  our  VLAN  (Fig.  6).  Since 
all  of  the  ports  are  untagged,  this  step  might  not  strictly  be  necessary,  but  it  keeps 
the  switch  in  the  loop,  so  do  not  leave  these  steps  out. 

1)  Check  the  boxes  on  all  the  ports  we  want  to  be  part  of  our  new  VLAN. 

2)  In  the  PVID  column,  type  the  VLAN  ID  of  our  new  VLAN. 

3)  Then  click  Apply. 

Note:  One  can  double  check  VLAN  membership  here.  Under  the  VLAN  Member 
column,  all  the  VLAN  IDs  should  be  there  separated  by  commas.  One  can  also 
double  check  that  they  are  all  untagged:  if  they  are  all  comma  separated  under  the 
Untagged  VLANs  column  and  the  Tagged  VLANs  column  says  “None”. 
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PVID  Configuration 


1  LAG  All 


□ 

Interface 

PVID 

VLAN  Member 

VLA 

4Q0| 

□ 

1/0/1 

200 

1 ,200,400 

Nom 

□ 

1/0/2 

200 

1 ,200,400 

Nom 

D 

1/0/3 

200 

1,200,400 

Nom 

□ 

1/0/4 

200 

1,200,400 

Nom 

□ 

1/0/5 

200 

1,200,400 

Nom 

□ 

1/0/6 

200 

1,200,400 

Nom 

□ 

1/0/7 

200 

1,200,400 

Nom 

□ 

1/0/8 

200 

1 ,200,400 

Nom 

m 

1/0/9 

200 

1,200,400 

Nom 

m 

1/0/10 

200 

1,200,400 

Nom 

□ 

1/0/11 

200 

1,200,400 

Nom 

□ 

1/0/12 

200 

1,200,400 

Nom 

□ 

1/0/13 

200 

1,200,400 

Nom 

rr=n 

-i  mtiA 

■?nn 

i  ^nn Ann 

M^n, 

PVID  Configuration 


1  LAG  All 


□ 

Interface 

PVID 

VLAN  Member 

VLA 

□ 

1/0/1 

200 

1 ,200,400 

Non 

D 

1/0/2 

200 

1,200,400 

Non 

□ 

1/0/3 

200 

1,200,400 

Non 

□ 

1/0/4 

200 

1 ,200:400 

Non 

D 

1/0/5 

200 

1,200,400 

Non 

□ 

1/0/6 

200 

1,200,400 

Non 

□ 

1/0/7 

200 

1,200,400 

Non 

□ 

1/0/8 

200 

1,200,400 

Non 

□ 

1/0/0 

400 

1,200,400 

Non 

□ 

1/0/10 

400 

1,200,400 

Non 

□ 

1/0/11 

200 

1,200,400 

Non 

Fig.  6  Assigning  ports 

7.5  Excluding  IP  Addresses 


Use  the  following  path  to  exclude  IP  addresses: 

System— ^Services— >DHCP  Server  Configuration— ^-Excluded  Address 

Excluding  IP  addresses  is  important  for  the  computer  as  they  are  assign  statically. 
In  order  to  make  sure  the  DHCP  server  does  not  hand  out  an  IP  address  already 
being  used  by  one  of  those  computers,  one  must  exclude  the  one  being  used  (in  our 
case,  we  must  exclude  192.168.40.1). 

The  procedures  for  excluding  IP  addresses  (Fig.  7)  are  as  follows: 

1 )  In  both  columns,  type  the  IP  address  from  the  VLAN  Routing  Configuration 
used  to  create  the  VLAN  interface  by  typing  a  range  in  here;  the  user  can 
exclude  a  greater  range  of  IP  addresses.  Remember,  the  range  is  inclusive. 

2)  Then  click  Add. 


Excluded  Address 


□ 

IP  Range  From 

IP  Range  To 

[l  92. 168. 1.1 

1 92.1 68.1  l| 

□ 

192,168.40.1 

192.168.40,1 

Excluded  Address 


□ 

IP  Range  From 

IP  Range  To 

□ 

192,168.40.1 

192.168.40.1 

□ 

192.168.1.1 

192.168.1.1 

Fig.  7  Excluding  IP  addresses 


7.6  Setting  Up  a  DHCP  Pool 


Use  the  following  path  to  set  up  a  DHCP  pool: 

System— ^Services— >DHCP  Server— >DHCP  Pool  Configuration 
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Under  this  menu,  use  these  settings: 

1)  Pool  Name:  Create 

2)  Pool  Name:  Pick  any  one  that  is  not  already  found  in  the  drop-down  menu. 

3)  Type  of  Binding:  Dynamic 

4)  Network  Address:  A  subnet  that  is  not  already  in  use,  with  the  last  triplet 
being  0  (for  example,  192.168.1.0). 

5)  Network  Mask:  255.255.255.0 

Note:  Instead  one  could  type  “24  ”  into  the  Network  Prefix  Length  option, 
but  one  cannot  do  both. 

6)  Lease  Time:  Specified  Duration 

7)  Days:  1 

Note:  This  could  be  any  amount  of  time,  but  1  day  is  fairly  standard  in  industry. 

Once  the  settings  have  been  adjusted,  click  Apply.  Figure  8  shows  the  DHCP  Pool 
Configuration  window. 


DHCP  Pool  Configuration  DHCP  Pool  Configuration 


Pool  Name 

Create  ^ 

Pool  Name 

dynamic_pool_second 

3 

Pool  Name 

dynamic_pool_second 

(1  to  31  alp 

Type  of  Binding 

Dynamic  3 

Type  of  Binding 

Dynamic  v 

Network  Address 

[192.168.1.0 

Network  Address 

192.168.  l[0 

Network  Mask 

255.255.255.0 

Network  Mask 

255.255.255.0 

Network  Prefix  Length 

(0  to  32) 

Network  Prefix  Length 

(0  to  32) 

Client  Name 

Client  Name 

Hardware  Address 
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Fig.  8  DHCP  pool  configuration 


8.  Static  Network 


Configuring  a  static  network  is  the  simplest,  most  straightforward  setup  one  can 
achieve  on  this  network  switch.  However,  connecting  2  or  more  computers  to  the 
network  in  this  way  makes  all  the  features  of  the  network  switch  useless. 
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First,  assign  a  static  IPv4  on  each  computer/device  connected.  Makes  sure  all 
computers/devices  share  the  same  subnet  (e.g.,  192.168.1.0)  and  change  the  last 
triplet  for  each  one.  Connect  them  all  to  the  switch  and  they  will  be  able  to  see  one 
other. 

To  keep  certain  computers’  IP  addresses  static  without  having  to  reassign  the  same 
IP  in  the  network  adapter  every  time  the  user  connects,  it  is  possible  to  configure 
on  the  network  switch  by  1)  excluding  the  IP  address  from  the  DHCP  pool  and 
2)  configuring  the  DHCP  server  to  automatically  assign  the  computer’s  media 
access  control  (MAC)  address  the  desired  IP  address.  Note:  If  the  computer  has 
multiple  Ethernet  ports,  one  must  connect  from  the  same  port  on  the  machine  to 
take  advantage  of  this  feature  or  else  set  it  up  with  the  MAC  address  of  each  port. 

Finally,  to  connect  using  an  IP  address  that  was  dynamically  assigned,  one  can  clear 
all  dynamic  bindings  by  navigating  to  System— >Servies—>DHCP  Bindings 
Information  and  then  clicking  Clear.  The  DHCP  server  will  automatically  reassign 
all  those  connections,  but  avoid  the  IP  of  the  computer  connected  statically. 

The  DHCP  server  automatically  assigns  the  lowest  available  IP  address.  Assigning 
a  static  IP  higher  in  the  subnet  helps  avoid  IP  address  conflicts.  For  example, 
192.168.40.200  will  almost  never  be  assigned  by  the  DHCP  server,  so  it  is  a  good 
place  to  assign  a  static  IP.  One  will  also  need  to  exclude  this  address  from  the  DHCP 
server. 

9.  Port  Aggregation/Link  Aggregation  Control  Protocol 

The  ports  on  the  computer  that  are  connected  to  the  link  aggregation  group  (LAG) 
on  the  network  switch  also  need  to  be  set  up  for  port  trunking.  This  report  does  not 
go  into  detail  on  the  process  for  each  computer,  because,  depending  on  the 
operating  system,  the  process  varies  greatly. 

9.1  Adding  LAG  to  VLAN 

This  is  very  similar  to  setting  up  the  DHCP  server;  however,  now  the  user  needs  to 
add  the  LAG  ports  to  the  VLAN,  too.  If  one  followed  the  steps  for  adding  all  ports 
to  a  DHCP,  this  may  have  been  done  already. 

Use  the  following  path  to  add  the  LAG  ports  to  the  VLAN: 

S witching— ► VLAN— >  Advanced— ►Port  PVID  Configuration 

The  procedures  for  adding  the  LAG  ports  to  the  VLAN  are  as  follows: 

1)  Above  the  list,  click  on  LAG. 
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2)  Check  the  LAG  to  change  (or  all  of  them). 

3)  Type  the  ID  of  the  VLAN  in  the  PVID  column. 

4)  Then  click  Apply. 


9.2  Adding  Ports  to  LAG 

Use  the  following  path  to  add  ports  to  the  LAG: 

Switching— >LAG—»LAG  Membership 
The  procedures  for  adding  ports  to  the  LAG  (Fig.  9)  are  as  follows: 

1)  For  LAG  ID,  pick  the  ID  of  the  desired  LAG. 

2)  LAG  name  can  be  changed  to  anything.  Name  it  something  that  will  be  a 
reminder  of  what  it  is  connected  to. 

3)  Select  the  Hash  Mode  desired. 

4)  On  the  Unit  1  box  at  the  bottom,  select  the  ports.  They  should  have  a  check 
on  them  now. 

5)  Then  click  Apply. 

LAG  Membership 

Lag  1 
SDR| 

Enable  v 
Disable  v 
Enable  v 
Enable  v 

SrrtDest  MAC,  VLAN,  EType,  incoming  port  v 

ports  1  3  5  7  9  11  13  15 


2  4  6  8  ID  12  14  16 

Fig.  9  Adding  ports  to  the  LAG 

9.3  Checking  the  LAG 

Use  the  following  path  to  check  the  LAG: 

Switching— >LAG— »LAG  Configuration 

The  LAG  recently  changed  with  the  new  settings  and  the  ports  should  be  listed 
(Fig.  10). 
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LAG  Configuration 
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Fig.  10  LAG  settings  and  ports 


10.  Stacking  Switches 

Use  the  following  path  to  stack  the  switches: 

System— ^-Stacking 

This  looks  self-explanatory,  but  is  currently  untested. 

One  can  used  the  following  path — Security— ^-Traffic  Control— "Private 
Vlan— ^Private  Vlan  Type  Configuration — when  separating  2  or  more  VLANs  on 
one  network  switch. 

11.  Conclusion 


A  managed  network  switch,  such  as  the  NETGEAR  m4300,  has  a  great  many  ways 
to  set  it  up.  To  avoid  filling  up  pages  with  text,  many  options  are  abbreviated, 
increasing  the  barrier  to  entry  for  a  new  network  manager.  In  this  technical  note, 
we  hope  the  learning  curve  for  this  particular  managed  network  switch  was  greatly 
decreased  for  a  new  user.  The  other  goal  was  to  help  the  average  user  to  more 
quickly  understand  how  this  particular  network  switch  was  set  up  in  order  to 
achieve  the  desired  performance.  It  should  be  noted  that  the  setup  outlined  in  this 
technical  note  is  not  the  optimal  setup  for  the  fastest  throughput  or  lowest  latency. 
Although  the  network  is  fast,  a  more  exact  knowledge  of  the  computers  that  will  be 
connected  to  the  network  would  allow  for  more  precise  control  of  the  packets 
through  the  network  switch,  reducing  latency  for  the  network  as  a  whole.  As 
previously  mentioned,  a  multiple  VLAN  setup  may  also  increase  throughput.  Both 
of  these  were  beyond  the  scope  of  this  report,  as  this  is  a  simple  setup  guide. 
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